From 05ecb6a493e34305a2e7a35fe4d52af344c02bfc Mon Sep 17 00:00:00 2001
From: Tiberiu Chibici <chibicitiberiu@gmail.com>
Date: Sat, 29 Dec 2018 17:18:54 +0200
Subject: [PATCH] Show error message if not allowed to access admin page.

---
 .../templates/YtManagerApp/settings_admin.html         | 10 +++++++++-
 app/YtManagerApp/views/settings.py                     |  6 ------
 2 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/app/YtManagerApp/templates/YtManagerApp/settings_admin.html b/app/YtManagerApp/templates/YtManagerApp/settings_admin.html
index 35bf333..d2027e8 100644
--- a/app/YtManagerApp/templates/YtManagerApp/settings_admin.html
+++ b/app/YtManagerApp/templates/YtManagerApp/settings_admin.html
@@ -4,8 +4,16 @@
 {% block body %}
 
     <div class="container">
+
         <h1>Admin settings</h1>
-        {% crispy form %}
+    
+        {% if not request.user.is_authenticated or not request.user.is_superuser %}
+            <div class="alert alert-danger" role="alert">
+                You must be an administrator to access this page!
+            </div>
+        {% else %}
+            {% crispy form %}
+        {% endif %}
     </div>
 
 {% endblock body %}
\ No newline at end of file
diff --git a/app/YtManagerApp/views/settings.py b/app/YtManagerApp/views/settings.py
index ac4f8ad..15819f8 100644
--- a/app/YtManagerApp/views/settings.py
+++ b/app/YtManagerApp/views/settings.py
@@ -24,12 +24,6 @@ class AdminSettingsView(LoginRequiredMixin, FormView):
     template_name = 'YtManagerApp/settings_admin.html'
     success_url = reverse_lazy('home')
 
-    def get(self, request, *args, **kwargs):
-        if not request.user.is_authenticated or not request.user.is_superuser:
-            return HttpResponseForbidden()
-
-        return super().get(request, *args, **kwargs)
-
     def post(self, request, *args, **kwargs):
         if not request.user.is_authenticated or not request.user.is_superuser:
             return HttpResponseForbidden()